Menu

BGP SoO

BGP have loops prevention mechanisms embedded , and we have tools to bypass this aspect of BGP, such as AS-Override or the allowas-in, SOO Extended Community is a loop prevention mechanism needed only for customer networks with multihomed sites. Loops can never occur in stub sites, the SOO Attribute,is used to prevent loops, when EBGP is running between the PE and CE routers, and this attribute is configured using a route-map. Now if the PE-CE routing protocol is not BGP we configure SOO under vrf interface by ip vrf sitemap command.

BGP have loops prevention mechanisms embedded , and we have tools to bypass this aspect of BGP, such as AS-Override or the allowas-in, SOO Extended Community is a loop prevention mechanism needed only for customer networks with multihomed sites. Loops can never occur in stub sites, the SOO Attribute,is used to prevent loops, when EBGP is running between the PE and CE routers, and this attribute is configured using a route-map. Now if the PE-CE routing protocol is not BGP we configure SOO under vrf interface by ip vrf sitemap command, pleease click here to see an example.

1.- BGP peer policy template-A peer policy template is created, and an SoO value is configured as part of the peer policy. Under address family IPv4 VRF, a neighbor is identified and is configured to inherit the peer policy that contains the SoO value.

2.- BGP neighbor command-Under address family IPv4 VRF, a neighbor is identified, and an SoO value is configured for the neighbor.

3.- BGP peer group-Under address family IPv4 VRF, a BGP peer group is configured, an SoO value is configured for the peer group, a neighbor is identified, and the neighbor is configured as a member of the peer group. The configuration of SoO values for BGP neighbors is performed on a provider edge (PE) router, which is the VPN entry point. When SoO is enabled, the PE router forwards prefixes to the customer premises equipment (CPE) only when the SoO tag of the prefix does not match the SoO tag configured for the CPE.

Say we want to configure the 1 method as an example

Here, In this example, an SoO tag is set as 1:1 for the customer site that includes routers CPE1 and CPE2 with an autonomous system number of 78. When CPE1 sends prefixes to PE1, PE1 tags the prefixes with 1:1, which is the SoO tag for CPE1 and CPE2. When PE1 sends the tagged prefixes to PE2, PE2 performs a match against the SoO tag from CPE2. Any prefixes with the tag value of 1:1 are not sent to CPE2 because the SoO tag matches the SoO tag of CPE2, and a routing loop is avoided. (that is we see from BGP: .. start import cfg version = 0 BGP(2): 10.1.108.8 soo loop detected for 7.7.7.7/32 – sending unreachable)